On 6/10/2022 11:50 AM, Casey Schaufler wrote:
On 6/9/2022 4:46 PM, KP Singh wrote:
BPF LSM currently has a default implementation for each LSM hooks which
return a default value defined in include/linux/lsm_hook_defs.h. These
hooks should have no functional effect when there is no BPF program
loaded to implement the hook logic.
What I failed to point out earlier is that you really want general
LSM stacking for BPF to work the way you want it to. Reviewed-bys,
Acked-bys and other participation in that effort would be most
appreciated.
